Hi,
I currently use Solarwinds MSP Anywhere on all the machines on my network. I also have a Mikrotik RB750r2, which has a hotspot configured on it. The hotspot is to limit users to two websites only.
I have added the allowed websites into the walled garden in the hotspot settings, and it works great. The downside is that the MSP Anywhere will not work. I have added the domains used by MSP Anywhere, and get a half way connection. The users can request support, which we receive, just we can’t connect to the machine to provide it.
The domains that need to be allowed are:
*.beanywhere.com
*.mspa.n-able.com
*.pubnub.com
I’ve added the following rules. (This is now set up in a lab environment so only has the required settings to replicate the issue):
/ip hotspot walled-garden
add comment="place hotspot rules here" disabled=yes
add dst-host=*.beanywhere.com
add dst-host=beanywhere.com
add dst-host=*.mspa.n-able.com
add dst-host=mspa.n-able.com
add dst-host=*.pubnub.com
add dst-host=pubnub.com
/ip hotspot walled-garden ip
add action=accept disabled=no !dst-address !dst-address-list dst-host=*.beanywhere.com \
!dst-port !protocol !src-address !src-address-list
add action=accept disabled=no !dst-address !dst-address-list dst-host=beanywhere.com \
!dst-port !protocol !src-address !src-address-list
add action=accept disabled=no !dst-address !dst-address-list dst-host=*.mspa.n-able.com \
!dst-port !protocol !src-address !src-address-list
add action=accept disabled=no !dst-address !dst-address-list dst-host=mspa.n-able.com \
!dst-port !protocol !src-address !src-address-list
add action=accept disabled=no !dst-address !dst-address-list dst-host=*.pubnub.com \
!dst-port !protocol !src-address !src-address-list
add action=accept disabled=no !dst-address !dst-address-list dst-host=pubnub.com \
!dst-port !protocol !src-address !src-address-list
When I diagnose the problem, it looks like the agent cannot ping any ip which resolves to *.mspa.n-able.com
2018-08-21 15:20:56:051 {3756} [PerformGatewayTCPConnectionTest] - Testing gateway TCP connectivity...
2018-08-21 15:20:56:051 {3756} [PerformGatewayTCPConnectionTest] - Testing gateway direct TCP [Port - 443] connectivity...
2018-08-21 15:20:56:191 {3756} [PingGateway] - Exception while waiting for ping response - Connection Closed Gracefully.
2018-08-21 15:20:56:191 {3756} [PerformGatewayTCPConnectionTest] - Unable to PING gateway 154.61.132.22:443 | Connect - 126360µs
2018-08-21 15:20:56:207 {3756} [PerformGatewayUDPConnectionTest] - Testing gateway UDP connectivity...
2018-08-21 15:20:56:207 {3756} [UDP::PingGW] - Sending ECHO bC9XwLughbMWoDGT8oL3MTQn76CgJYpw to 154.61.132.22:1235...
2018-08-21 15:21:01:223 {3756} [UDP::PingGW] - Sending ECHO bC9XwLughbMWoDGT8oL3MTQn76CgJYpw to 154.61.132.22:1235...
2018-08-21 15:21:06:239 {3756} [PerformGatewayUDPConnectionTest] - Unable to PING gateway 154.61.132.22:1235!!
2018-08-21 15:21:06:348 {3756} [UDP::RemoteSegmentAvailable] - ReceiveBuffer timeout...
2018-08-21 15:21:06:395 {3756} [UDP::~TUDPConnection] - Connection destroyed!!
ping -a 154.61.132.22
Pinging lhrgw-mct12.mspa.n-able.com [154.61.132.22] with 32 bytes of data:
Anyone have any ideas?
James